Operation Neptune’s Spear exposed the existence of the MH-X Stealth Black Hawk helicopter.
The first photos from the Abbottabad compound where Osama Bin Laden had been killed early in the morning on May 2, 2011, clearly shows something never seen before: the remains of one of the helicopters used by the U.S. Navy SEALs in Operation “Neptune’s Spear”, didn’t seem to belong to any known type.
The horizontal stabilizer and tail rotor of the wreckage depicted in the photographs didn’t seem to be any form of H-60. Both the shape and position were not common to either Black Hawks helicopters and the tail rotor featured a weird cover that could be anything from a stealth cover, to an armour plate to a noise reduction device.
Based on the remains of the tail section this Author tried to imagine what the full stealthy chopper would have looked like after applying some upgrades needed to make it, if not radar-evading, at least a bit quieter.
With some imagination, engine shields, rotor covers, an extra main rotor blade (to slow down the rotor speed making blades quieter), RAM (Radar Absorbing Material) coating, straight lines and what had survived the attempt of the U.S. Navy Seals Team 6 to destroy the chopper, with the help of Ugo Crisponi, an artist at AviationGraphic.com, we created a sketch of the “black”, never seen before, helicopter (that actually resembled more an S-76 than a modified MH-60 Black Hawk so please have a look at a more reasonable shape here.)
Since then, little more has emerged about the black chopper until 2015, when a book titled “Relentless Strike” by Sean Naylor provided some new details about the history of the MH-X.
According to Naylor, the Stealth helicopters that took part in the raid were experimental choppers that had survived a program to make the Black Hawk less visible to radars. Tested by the 160th SOAR in Area 51, Nevada, before the program was cancelled, the two airframes were less maneuverable under certain conditions than the standard MH-60s because of the modifications. Still, in the wake of the successful raid in Pakistan, the program was exhumed, and the “Night Stalkers” flew their “new” MH-Xs to Syria where they took part in the failed raid to free captured American journalist James Foley and other captives from ISIS, on July 4th, 2014.
Although it has never been confirmed, the presence of the MH-X derivatives in Syria was also rumored in the aftermath of a daring raid that killed ISIS high level operative Abu Sayyaf at Deir Ezzor, southeast of Raqqa, in eastern Syria, in the night between May 15th and 16th.
The amout of contribution I receive each time I publish a blog post on the stealth drone now part of Iran’s asset is amazing. For instance, yesterday, few minutes after publishing the Infographic that I used to explain how the drone was captured (a theory based on the known facts to date), I got an email from Dave Krakow with an interesting drawing he sent me to show how the mysterious hatch on the top of the RQ-170 Sentinel, it’s not up to the typical American Aerospace standards. “The details are imprecise, nothing like Lockheed Martin products.”
Image courtesy: Dave Krakow
Dave believes the thing shown by Iranians was possibly constructed previously, for radar signature research, with details added in a hurry for cameras. “A lot of the commentary on the web regarding general accuracy assumes Iranian intelligence has only the same photos we have on the internet, and thus they could only know certain details if they had an original. I don’t think this is a reasonable assumption” he wrote to me.
For sure, as highlighted in the above image, the mysterious “top hatch” (that I supposed could be used to deploy a recovery chute) features some oddities. Some of them in particular, raise questions. However the angle of the camera, the effect of the zoom, and many other contributing factors (lights, shadows, image compression etc) may have affected the quality of the footage shown on Iran State TV rendering, for example, fasteners seemingly randomly spaced.
Furthermore, there’s still a chance that Iranians worked on the Sentinel after they recovered it: maybe they tried to get access to the internal hardware, removed panels to inspect lenses, memories to look for interesting data or to disable any self-destruction mechanisms or Emergency Locator-like systems, in order to prevent the Americans from locating or destroying it.
Someone argued that a deployed recovery chute would have confirmation only if hatch doors were opened but I’ve already given a possible explaination for the fact that they were closed.
Someone suggested the drone is too clean for a crash landing, however, if a recovery chute made its crash landing soft, I would expect a damaged belly, as the hidden bottom of the drone seems to confirm.
First of all, the lost-link procedure does not foresse the RQ-170 landing autonomously at his actual homebase (because of the many variables, such as wind and traffic) but orbiting until link is re-established or the drone runs out of fuel.
For instance, even under Remote Split Operations, landing is performed in Line Of Sight by the local ground control station: latency induced by the SATCOM link is not compatible with the last phases of the flight when immediate reactions of the robot’s control surfaces to the inputs given remotely by the pilot are required to safely bring the drone on the ground.
Furthermore, provided that the autolanding is used in the lost-link events, it is not that easy to land the drone on a different landing field than its homebase without causing major damages.
Finally, it seems quite weird that any insider so proud to have achieved a hack of the most secret U.S. unmanned aerial system (UAS) could be at the same time so uncautious to give the details of the entire operation to the public domain, with the first and most obvious consequence of not being able to repeat it in the future. Unless, the type of attack they have described is all but unexpected but very well known because highlighted in the above mentioned official documents.
So, I’ve asked once again my friend Ugo Crisponi to put on a nice infographic what I think may have happened on Dec. 4, 2011, when the drone was “downed”, based on all the details I was able to collect so far.
Here it is:
I think the drone’s link with Creech AFB was disrupted using jamming. How did the Iranians know the “Beast of Kandahar” was in the vicinity if they couldn’t see it on the radar? They may have intensified jamming around uranium enrichment sites.
Serbians were able to shot down the F-117 because during the Allied Force planners put the F117s on repetitive routings. Stealth planes are not invisible. They are extremely difficult to see, if you don’t know where they are and you are not close enough to track them. Maybe something similar happened in Iran.
I think that Iran played a role in the crash landing simply because they were able to recover it. If they hadn’t known where the drone had landed they would not have been able to get their hands on it.
Once the link was lost, as per procedure, the drone started an series of racetracks/orbits waiting for the signal to be re-established. In this phase, maybe the Iranians were able to spoof the onboard GPS and guide the drone in the wrong direction. Nevertheless this would mean that the most important American drone relies only on the GPS for navigational purposes and doesn’t use an INS (Inertial Navigation System) platform. Indeed even some GPS-guided bombs as the JDAM (Joint Direct Attack Munition) use anti-jamming and anti-GPS spoofing systems, some of those are based on simple inertial measurement units.
Then, when the Sentinel ran out of fuel, it crashed. Even though it was not mentioned before, there’s a possibility that the drone survived the impact because it was equipped with a safety chute. In fact, I’ve noticed a mysterious hatch on the top of the RQ-170, that, among other things could host the parachute used to safe the precious drone.
It’s obviously a speculation because such a chute could safe the airframe but could also preserve it for the enemy when the drone runs out of fuel during a mission behind the enemy lines. As happened in Iran.
Eventually there is an explanation for the mysterious capture of the U.S. stealth drone by Iran. In an exclusive interview to the Christian Science Monitor, an Iranian engineer (on condition of anonymity) working to reverse engineer the RQ-170 Sentinel hacked while it was flying over the northeastern Iranian city of Kashmar, some 225 kilometers (140 miles) away from the Afghan border, says they were able to exploit a known vulnerability of the GPS.
They jammed the SATCOM link and then forced the drone into autopilot reconfiguring the waypoint of the lost-link procedure to make it land where they wanted.
Furthermore, in explaining why the “Beast of Kandahar” had signs of belly landing the engineer said to CSMonitor:
“If you look at the location where we made it land and the bird’s home base, they both have [almost] the same altitude,” says the Iranian engineer. “There was a problem [of a few meters] with the exact altitude so the bird’s underbelly was damaged in landing; that’s why it was covered in the broadcast footage.”
Ok, this seems to explain almost everything.
However, to be honest, it is the last sentence that raises some questions. Landing a drone, as well as an airplane, with the autopilot on a runway it’s not only a matter of altitude. There are many other things to consider, like the runway heading, the procedure to be followed on approach to avoid specific areas, known obstacles etc.
Maybe the Iranians had identified an airport with the same runway heading, with the same elevation, with no planes interesting runways and taxiways and so on. Still, it’s hard to believe that the Sentinel did not encounter any obstacle and suffered only some (minor) damages on landing.
So I’m still not certain that, although tricked by GPS spoofing, a drone can be landed safely without taking over control even if the Iranian engineer said to CSMonitor that they made the robot
“land on its own where we wanted it to, without having to crack the remote-control signals and communications” from the US control center.
Without considering that the lost-link procedure does not foresse the RQ-170 landing autonomously at his actual homebase (because of the many variables, such as wind and traffic) but orbiting until link is re-established or fuel finishes.
Anyway, maybe it’s time for the U.S. to reconsider their drones’ equipment, countermeasures and combat operation procedures as well as Iran’s electronic and cyberwarfare capabilities.
Tehran Times reported that Iran is about to put on display “foreign spy drones in Iran’s possession” within an exhibition that will also showcase the “latest domestically manufacture electronic warfare equipment”, and national reporters and foreign ambassadors will be allowed to visit them.
According to a source close to the Iranian newspaper, the foreign robots in the hands of the ayatollahs’ regime are three U.S. and four Israeli drones.
“the four Israeli drones that are now in Iran’s possession had violated the country’s airspace along the eastern borders, and the three U.S. unmanned aircraft had penetrated into the country’s airspace along either the eastern or southern border.”
Interestingly, the same article discloses for the first time what everyone already knew: a number of countries have reportedly asked for permission to inspect the “Beast of Kandahar”.
While waiting for new images to analyze, there are still many questions to be answered about the capture of the stealthy Sentinel.
An interesting document titled “Report on Operating Next-Generation Remotely Piloted Aircraft for Irregular Warfare” published by the U.S. Air Force Scientific Advisory Board in April 2011 and made available by Public Intelligence a couple of days ago, provides some interesting (and official) assesement about the reliability of the communication link between the drone and the ground control station.
According to the document, U.S. drone are subject to the following threats (excerpt):
Jamming of commercial satellite communications (SATCOM) links is a widely available technology. It can provide an effective tool for adversaries against data links or as a way for comma nd and control (C2) denial.
Operational needs may require the use of unencrypted data links to provide broadcast services to ground troops without security clearances. Eavesdropping on these links is a known exploit that is available to adversaries for extremely low cost.
Spoofing or hijacking links that can lead to damaging missions, or even to platform loss.
Dealing with the threat to Position, Navigation and Guidance the documents undelines that:
“There is a wide range of methods that a determined adversary can use for attacking RPA guidance and navigation systems. The report mentions here only three categories of threats without going into the details:
Small, simple GPS noise jammers can be easily constructed and employed by an unsophisticated adversary and would be effective over a limited RPA operating area.
GPS repeaters are also available for corrupting navigation capabilities of RPAs.
Cyber threats represent a major challenge for future RPA operations. Cyber attacks can affect both on-board and ground systems, and exploits may range from asymmetric CNO attacks to highly sophisticated electronic systems and software attacks.”
So, what may have happened to the Sentinel?
We can only speculate. The drone may have suffered a lost-link event because of a technical failure (link losses occurs every now and then) or an attack from Iran. Following the loss of satellite link, the procedure foresees that the drone switches to automatic flying and heads towards a preplanned set of waypoints to fly a loop until link is re-established or fuel finishes (with consequent crash).
As I think (and hope) that the preplanned waypoint for lost-link procedure for a mission inside the enemy airspace is set inside the friendly airspace (in order to prevent it from crashing “behind the enemy lines”) I can’t explain why the drone crashed in Iran and not in Afghanistan.
Unless, Iran was really able to corrupt the stealthy robot’s navigational system using jammers and rogue GPS repeaters guiding it in the wrong direction.
04:00PM GMT Dec 15 update
Something that came to my mind while discussing this post with Guido Olimpio, Corriere della Sera correspondent from the U.S.: Tehran is going to show the remains of 7 drones (4 American and 3 Israeli robots) “downed” in Iran. But, if they were flying inside the Iranian airspace they had to be stealth ones. Shall we expect something never seen before?
BTW: the exhibition could something like the Tishreen War Panorama museum in Damascus, Syria, that I visited few years ago, where wreckage of Israeli planes and parts of them, were showcased.
